Privacy As A Service, what might it look like

Privacy has become a valuable asset in today’s world and therefore the technology to protect it has become a very marketable product. When online privacy is mentioned most people automatically think about their Internet web browsing history and social media footprint.

“Every day young adults will call me up and tell me that they can’t get a job due to an ill advised tweet or Facebook issue…Education is key.” – Tony McChrystal, reputation.com

Unfortunately, the more high profile people are, the more people will make use of their online footprint and rarely for good.

The meaning of privacy

According to Dave King, CEO of Digitalis reputation management, all major recent high profile hacks including the Sony hack originated from strategically valuable individuals compromised by highly targeted attacks. The TalkTalk hack is the sole exception to this.

Your browsing history and online profile is only a tiny fraction of a much larger data picture. Publicly available data include the land registry and voter registration databases that a large proportion of us are recorded on.

A quick search of 192.com will tell anyone who has your name and postcode with full name, address, age, neighbours and property price.

Many online retailers use this publicly available data combined with users browsing history to make decisions about what items will influence their purchasing decision.

Each visit is carefully customised to provide a “frictionless” experience in data engineering terms. The more a specific site is visited the more information about the users habits are gathered.

If someone have a Google, Yahoo or Facebook account they are not the consumer, they are the product. Put simply, the more information these companies have on users the more accurately they can target them with highly tuned adverts.

Neterix, a company that specialises in privacy compliance for business commented:

“People are more aware of the value of their personal information, yet so many are willing to trade some of it for “free” services. People have to choose if that service is worth the potential privacy cost.” – Les Pritchard, Neterix.

As an individual people have limited recourse to have such information removed. Privately held databases are allowed to hold information on people as long as they abide by the data protection act (If it applies.) As long as the information is correct and used in a fair manner companies are not compelled to remove it.

The breadth of data detailed above barely scratch the surface. Several private information brokers provide even more detailed information on individuals for a fee. These companies include Experian, Equifax and many large financial organisations.

There are such a huge number of data vendors that trying to take back control of data using opt outs could become a full time undertaking and you can be sure these providers will not want anyone to have an easy ride removing the information as doing so is not in their interest.

Although there are not yet many products on the market for  “Privacy As A Service” they are starting to appear although predominantly targeted to the American market at present

Speaking to several experts on the subject of what privacy as a service looks like there was a common theme about what privacy as to what it might look like.

When asked what such an all-encompassing privacy service might look like King puts it this way:

“A service that manages my services long term and looks to manage my data as a whole, who may have access to it and for what purpose. It should have an educational component as well.  Ideally it would automatically search and monitor for my potential privacy issues.”

Common consensus across all the experts interviewed is that privacy as a service would take the form of a web based portal that will integrate privacy controls alongside a more conventional ad and tracking blocking technology.

Such a service would essentially provide a one-stop shop for management of your online profile and implement privacy controls in a consistent and controlled way. This would allow everyone to avoid online tracking

Some companies will attempt to remove  information from as many online services as possible, for a fee. All these services come with a caveat that they cannot control all the information, all the time. No matter what someone wishes for some records will inevitably stay on the web, especially where required by law.

Interestingly on a similar vein the recent “right to be forgotten” has had a mixed effect since its inception. Google’s own data would suggest that as of July 2015 Google had received requests to remove 1.25 million URLs based on 353,484 requests.

Google has also revealed that the ten most common removal requests represent a mere nine percent of all requests received. Somewhat unsurprisingly the top website for removal requests is Facebook. The second most popular site however is a profile search engine utility. This fact underscores how important it is to pause for thought before putting information on publicly available websites.

“You have to try and understand how your data is going to be used in the future and what it will be used for in the future and be aware of the changes in technology may render it useful in unforeseen ways” – Jim Killock, Open Rights Group

Peoples data is valuable and unfortunately many sites are built around the premise of collecting and mining user submitted data so those using the service essentially become the product and users data is sold on to third parties, none of whom the end user gets to know about.

Until such services are widely available anyone wanting to protect their data should look at what information they give to whom and for what reason. When using online social media familiarise yourself with the privacy tools the vendor provides. At the end of the day it is up to the individual to think before giving away valuable data.

Catch you later!

 

VMware vCenter HA – How to

One of the major shortcomings of vCenter has been lack of HA for vCenter. HA has been around for a long time but it never supported dual CPU so therefore no use for vCenter.

With the latest version of vCenter VMware have addressed this issue and created a purpose built vCenter HA configuration with a separate heartbeat network. What’s even better is that it is really simple to implement, manage and test.

You can read the full how-to of implements vCenter HA here.

Laters!

Dell XPS – The inside story

Hi Everyone,

Just thought I would create a quick blog post to mention my behind the scenes interview with Barton George and Jarred Dominguez of Linux of the Dell Linux on Laptops  fame.

The Dell Linux on laptops interview has been published in the latest edition of Linux Format. It covers how the Linux on Dell offering came to be and the the ups and downs the team experienced.

The interview covers the project skunk work startup, near brush with death and its eventual rise to fame as well as what to expect in future.

Many thanks to Barton, Jared and the Dell PR staff!

Dell on Linux cover shot
Linux Format Dell Interview

 

Lessons learnt for the next VMworld

Now that the party is over (literally) I thought it would be a great idea to create a post about lessons for attending

Liota - VMware powered robot on dislay.
VMware Liota IOT powered robot on dislay.

VMware (The more in-depth thoughts and articles will come via my usual outlets ;))

This was my first VMworld (Thanks vExpert, Corey and the team for making it happen). I probabily made what the veterans would consider newbie mistakes. I did however make some really good decisions too!

Lesson 1) Day one is partners day.

That’s the problem. If you are not a partner there is a limited amount of

things to do as it is focused on partners and TAMs (Large accounts essentially.)  You will not get into the partners booth. This is the day when all the partners are setting up their stands.

There are however a few things you can do to pass the time. Try the hands on labs. There are loads of them to do, they are free and they are all super fresh content. Taking your own laptop means you can bypass the queues for the most part (VMware can only provide so many desktops!)

My personal advice would be that if you are not a partner, travel on the first day and get registered (Registration booths are open late).

Lesson 2) Planning is key

Me being my normal self left installing the app until the last minute… Get the VMware session app setup before you attend. It makes managing your experience (and registering) much easier.

It is critical that you get your session selections picked as soon as they are available. The populuar courses fill up extremely quickly. If you leave it you will get almost zero sessions available.

Lesson 3) There are only so many sessions one person can take.

There are lots of sessions but I would recommend making sure you have plenty of breaks inbetween (Who knows, even talk to other people about VMware if you’re feeling brave.) I wouldn’t suggest more than two back to back.

Lesson 4) Relax…

At the end day it is all about learning about new VMware related trends, tools and have fun.

As an aside if you need somewhere reasonsablly good and fair inexpensive to stay I can recommend L’Hospitalet de Llobregat as a hotel. It is a travelodge hotel that is literally 2 – 3 minutes walk down a straight road from the hotel. Much cheaper and better location than a lot of the more expensive hotels.

 

The word from VMworld 2016

So the first day of business is over. It has been really interesting. If there is one thing that really stands out it is that “on prem” is also on life support. If any proof where needed of this the keynote underlined squarely the fact that the VMware is looking at everything in a cloud. Hardly a mention was made of anything not cloud.

Don’t get me wrong the products for those that wish to keep their own hardware will still exist but all the effort is going into cloud.

I forsee that in the near future VMware will have a very different role. That of the vendor agnostic cloud management and orchestration plane for virtualised workloads.

Yes Amazon is coming onboard with inbuilt out the box functionality next yeat but Amazon is one of many cloud providers (as noted on the keynote) other players include Amazon and OVH to name but a few. Even Azure is covered.

The management of the cloud is the next stop on the journey of VMware. As for those wondering what is happening with the fight with Microsoft, HyperV and where Microsoft fits in this new agnostic world, check back soon for my exclusive interview with David Zolnier.

 

Doing virtualisation on a budget with ProxMox

Recently VMware announced that the cost per socket is increasing by around $1,000 per socket. To be brutaly honest not everyone can afford the thousands of dollars for an expensive (but really good) platform such as VMware.

If you are prepared to reign in your expectations but get most of the functionality for very little cost ProxMox is worth a look. To that end I have written a group of articles on setting up and implementing a basic ProxMox hypervisor (KVM) setup with integrated AD and tasty features such as live migration (we can’t use the term vMotion right 😉 ).

Try it out and see how you fair. It costs nothing and for those on a limited budget but demanding requirements it may just fit the bill.

Check it out here…

WD 4200 NAS factory restore

Hi everyone,

I thought I should blog about this because it seems to be a very common issue.  When you buy a WD 4200 there is no restore disk so how do you restore it to factory reset ?

Even some of the information on the WD site is incorrect. It was a frustrating experience, especially as support wanted to know why I was doing a factory reset on my DX4200. None of their business really!

I knew that the  WD 4200 had a recovery partition but wasn’t sure on how to invoke a restore using it. It appears I wasn’t the only one thinking “WTF?”.

So without further ado, here is how to restore the WD 4200 NAS to factory default:

  1. Log in to the  WD 4200 from the console (ie no RDP!)
  2. Whilst holding the shift key,select the power button (top right) select Reboot. .
  3. From the drop down list of reasons select “Operating System Recovery (Planned)” and click ok.
  4. At this point the WD 4200 will reboot.
  5. After reboot it will present a new screen with a couple of options. Select Advanced options.
  6. At this point there is the option to do a “WD Factory restore”.

At this point you can just let the reinstallation routine run. It will reboot and reconfigure several times. Apparently a full restore can take several days but given that there is 16 TB in there it is kind of understandable, assuming it wipes the disks!

If you have lost your primary drive and looking to reinstall however you are really out of luck. According to support there is no recovery disk available.

Virtual DR – A quick intro guide.

DR used to be the one thing every administrator treated like cod liver oil, horrible tasting but with many upsides. I recently wrote about it here for SearchVMware.

Essentially there are a number of ways to think about DR. In that article I give some essential bits of advice as to what works and what doesn’t. Essentially it comes down to cutting your cloth accordingly and planning it properly.

Sure it aint cheap at high several hundred dollars a node but it comes down to a couple of things to bear in mind:

  • Administrators don’t need to replicate everything. Think core apps and essential services (DNS, AD etc)
  • Virtual DR only works with virtual machines. No physical database servers allowed!
  • Hardware and link capacity. The DR site should have sufficient hardware capacity to run the applications as speedily as the live site. The last thing you want in a DR scenario is slow machines slowing things down further.
  • Have a DR plan and test it. An untested plan is more or less guarenteed to have gotchas.

If you are looking for a good intro to the do’s and don’ts of virtual DR you may want to take a look.

Why the Digital Economy bill is bound to fail.

During the last few weeks I picked up a new client, ARS Technica UK. I was asked to write about the Digital Economy Act and how it is doomed to fail at any significant scale.

Essentially the UK government is trying to stop porn being viewed by those under 18. To those internet savvy people reading this you know it is a trivial exercise to bypass government mandated filters.

The man from Virgin Media, he say no!
The man from Virgin Media, he say no!

The people passing this law may well not have a grip on this new fangled internet technology.

Those that want porn will still get it via VPN, TOR and newsgroups. Even the government admit that people will try to bypass it. As Ernesto at Torrent freak mentioned “It is just about making pornography that bit harder to access”. However to many, myself included this could be the thin end of the wedge of an assault on our civil liberties.

You can read the full article here.